IN THE CLAIMS: 

1. (Previously Preseated) A PKI certificate architecture for a network connected 
gaining system, the gaming system including a plurality of gaining machines eacli having a 
plurality of executable software components, wherein each different executable softwaie 
component within each gaming machine within the gaming system subject to receive 
certification is imiquely associated with a imique identifier and is signed with a sepaiate and 
imique PKI certificate, tlie separate and imique PKI certificate beuig uniquely identified at least 
by the imique identifier, wherein identical executable softwaie components in different ones of 
tlie plurality of gaming machines of tlie network coimected gaming system ai'e associated with 
identical identifiers and ai'e signed with identical PKI certificates, such that non-identical 
executable software components in different ones of the plmality of gaming machines aie 
associated with separate and different identifiers and are signed with sepaiate and different PKI 
certificates, and such that no two non-identical executable software components in different 
gaming machines are signed with a same PKI certificate. 

2. (Previously Presented) A PKI certificate architectiu'e according to clahn 1, 
wherein each softwaie component is authorized by a regulatoiy autliority. 

3. (Currently Amended) A PKI certificate aichitectinre according to claim 1 claim 
2, wherein tlie separate and imique PKI certificate is produced by tlie certification lab, by tlie 
gaming system supplier or by tlie trusted party designated by the regulatory authority. 

4. (Currently Amended) A PKI certificate aichitecture according to «lawi-4- claim 
2, wherein each softwaie component is code signed by a certification lab, by a gaining system 
supplier or by a trnsted party designated by the regulatory autliority. 
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5. (Previously Presented) A PKI certificate aidiitectiue according to claim 1, 
wherein the separate and luiique identifier is a certificate field selected from a ''Subject'' field, an 
''issued to" field, a "subject name" field, a "CommonName" field, a ^'provider" field or a 
"pubUsher" field. 

6. (Previously Presented) A PKI certificate ai'chitecture according to claim 1, 
wherein the imique identifier comprises at least one of fields and field extensions. 

7. (Previously Presented) A PKI certificate aicliitectiu'e according to claim 1, 
wherein the unique identifier comprises at least one of a pliuality of fields selected fioin among: 

a software component part nimiber; 

a software coinponent major version niunber; 

a software component minor version nimiber; 

a software component build nimiber; 

a software coinponent revision number; 

a software component project name; 

a software component type of software component; 

a software coinponent language variant; 

a software coinponent game regulation variant; 

a software coinponent friendly name; 

an identification of the certification laboratoiy, and 

an identification of the client. 

8. (Previously Presented) A PKI certificate arcliitectiue according to claim 7, 
wherein the imique identifier is a concatenation of selected identifiers. 
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9. (Previously Presented) A PKI certificate aicliitectiue according to claim 1, 
wherein at least a portion of tlie imique identifier is reported in tlie Windows event log upon 
execution of tlie software component. 

10. (Previously Presented) A PKI certificate ai'chitectiue according to claim 1, 
wherein at least a portion of the imique identifier is reported in tlie soiu'ce field of the Windows 
event log upon execution of the software component. 

11. (Previously Presented) A PKI certificate aicliitectiue according to claim 1, 
wherein at least a portion of tlie imique identifier is reported in tlie. Windows event log upon 
execution of tlie software component in a predetermined event log bin upon execution of tlie 
software component. 

12. (Previously Presented) A PKI certificate aichitectiu'e according to claim 1, 
wherein at least a portion of tlie imique identifier is traceable in at least one of: 

soiu'ce code; 

Windows File Properties; 
Tmsted Inventory; 
Windows Event Log; 
Software Restriction Policies, and 
Certificate Store. 

13. (Original) A PKI certificate architecture according to claim 1, wherein tlie 
network comiected gaming system is connected in at least one of a local area system and wide 
area network. 
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14. (Previously Presented) A PKI certificate aichitectiue according to claim 1, 
wherein tlie network connected gaining system comprises at least one of gaming tenninals, 
gaming servers and computers. 

15. (Previously Presented) A PKI certificate aichitectiue according to claim 1, 
wherein die imique identifier contains identification infonnatioii deUmited with file-naine- 
allowed non-alphanimieric characters to facihtate himiaii identification, string seaiches and file 
searches, 

16. (Previously Presented) A PKI certificate aichitectiue according to claim 1, 
wherein a selected set of identification infomiation making up the luiique identifier are used for 
making up the file name of PKI certificate related files such as *.CER, *.P7B and *.PVK such as 
to facilitate hiunan identification, string searches and file searches. 

17. (Currently Amended) A metliod for a network connected gaming system to 
prevent luiauthorized software components of constituent computers of the gaming system fi'om 
executing, tlie gaining system including a pliu*ality of gaming machines each having a phuality 
of executable software components, tlie method comprising the steps of: 

producing a separate and luiique PKI ceitificate for each of the phu'ality of executable 
softwaie component subject to receiving certification within each gaining machine, each 
software component subject to receiving certification including a imique identifier; 

code signing each executable software component subject to receiving certification with 
its respective separate and imique PKI certificate, each respective PKI certificate being imiquely 
identified at least by a imique identifier that is imiquely associated with tlie executable software 
component such tliat identical executable software components in different ones of tlie pliu'ahty 
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of gaining machines of the network connected gaming system aie associated with identical 
identifiers and are code signed with identical PKI certificates, such tliat non-identical executable 
software components in different ones of the phnality of ganiing machines are associated with 
sepaiate and different identifiers and are code signed witli separate and different PKI certificates 
and such tliat no two non-identical executable software components in different gaming 
machines are code signed with a same PKI certificate, and 

configiuing a software restriction policy certificate rules rule for each of the plurality 
of executable software components and enforcing each of the soft^vare resti tction policy 
certificate rules to allow execution of only those executable software components whose code 
signed PKI certificate is determined to be authorized. 

18. (Previously Presented) A method according to claim 17, fiu-tlier comprising tlie 
step of configuring software restriction policy mles to prevent execution of luiauthorized 
softwai'e components. 

19. (Previously Presented) A method according to claim 17, fiirther coinprismg the 
step of configiuing software restriction policy rules to prevent execution of all not explicitly 
authorized software components. 

20. (Previously Presented) A metliod for a network comiected gaming system to 
enable only autliorized software components of constituent computers of the gaming system to 
execute, comprising the steps of: 

code signing each autliorized software component witli a PKI ceitificate such that 
identical autliorized software components m different ones of the constituent computers are code 
signed with identical PKI certificates, such that non-identical autliorized softwai-e components in 
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different ones of the constituent computers aie code signed with sepai-ate and different PKI 
certificates and such tliat no two non-identical autliorized software components in different ones 
of the constituent gaming machines are code signed witli a same PKI certificate; 

configimng a separate software restriction policy for each authorized software component 
in each of the constituent computers of the gaming system, and associating tlie configured 
sepaiate software restriction policy witli tlie PKI certificate with which tlie autliorized software 
component was code signed; 

enforcing the associated software restriction poUcy for each code signed authorized 
softwaie component such tliat each code signed authorized software component in each of the 
constituent computers of tlie gaming system must be authorized to nin by its associated separate 
softwaie restriction policy. 

21. (Previously Presented) A metliod according to claim 20, wherein the authorized 
softwai'e components aie mandated by a regulatory body. 

22. (Previously Presented) A inetliod for a network coimected gaming system to 
enable only authorized software components of constituent computers of the gaaning system to 
execute, comprising the steps of: 

configiuing a sepai'ate and imique certificate software restriction policy for each 
authorized executable software component of each of tlie constituent computers of the gaming 
system such diat tlie each authorized executable softwai'e component in each of the constituent 
computers of the gaming system must be autliorized to nui by its associated sepai'ate software 
restriction policy; 
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code signing each authorized software component widi a PKI certificate such that 
identical autliorized software components in different ones of the constituent computers are code 
signed with identical PKI certificates, such that non-identical autliorized softwaie components in 
different ones of the constituent computers aie code signed with separate and different PKI 
certificates and such that no two non-identical authorized software components in different ones 
of the constituent gaming machines are code signed witli a same PKI certificate; 

configiuing a path software restriction policy to prevent imautliorized software 
components from executing; 

configiuing a path software restriction policy to prevent non-explicitly authorized 
softwaie components from executing; 

enforcing the certificate software restriction policy configined for each of the code signed 
authorized executable software components of each of tlie constituent computers of the gaming 
system, and 

enforcing the path software restriction policies. 

23. (Previously Presented) A mediod according to claim 22, wherein the authorized 
softwaie components are mandated by a regulatory body. 

24. (Previously Presented) A metliod for a network comiected gaming system to 
enable only authorized software components of constituent computers of the gaming system to 
execute, tlie gaming system including a plurality of gaming machines each having a plurality of 
executable software components, the method comprising the steps of: 

producing a separate and luiique PKI certificate for each of the phnality of executable 
software components within the gaming system subject to receive certification, each respective 
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PKI ceitificate beiiig associated witli a unique identifier that is luiiquely associated witli the 
executable software component sucli that identical executable softwaie components in different 
ones of the pliu:ality of gaming machines of the network connected gaining system are associated 
with identical identifiers and are code signed witli identical PKI certificates, such that non- 
identical executable software components in different ones of the plinality of gaming machines 
are code signed with separate and different PKI certificates and such that no two non-identical 
executable software components in different gaming machines are code signed witli a same PKI 
certificate; 

code signing each software component subject to receive certification with its respective 
separate and luiique PKI ceitificate; 

configiuiiig a ceitificate software restriction policy for each of tlie respective separate and 
luiique PKI certificates, and 

enforcing the certificate software restriction policy for each of the respective separate and 
luiique PKI certificates. 

25. (Previously Presented) A inetliod for downloading autliorized executable 
software components and allowing execution of downloaded authorized executable software 
components of a plurality of gaining machines of a network comiected gaming system, 
comprising the steps of: 

for each of the plmality of gaming machines of the network connected gaining system: 

code signing each authorized executable software component with a separate PKI 
certificate that is imique to the authorized softwaie component such tliat identical executable 
softwaie components in different ones of the plurality of gaming machines of the network 
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connected ganiiug system are code signed witli identical PKI certificates, such that non-ideutical 
autliorized softwaie components in different ones of tlie phirality of ganiing machines are code 
signed with separate and different PKI certificates and such that no two nou-identical authorized 
software components in different ganiing machines are code signed witli a same PKI certificate; 

packaging the code signed authorized software components into an installation 

package; 

configiuing install policies to install each code signed authorized executable 
software component contained in the installation package; 

configiuing certificate iiUe policies to allow execution of tlie installed code signed 
authorized executable software component; 

configiuing enforcement of the policies. 

26-81. (Canceled) 

82. (Currently Amended) An automated platform to enable an on-going regulatory 
certification of a phuality of authorized softwaie components of a network connected gaming 
system including a plm*ality of computers, tlie method comprising: 

a reference platform representative of a target network connected gaming system and 
comprising a software-building environment located at a manufactiu-er or subcontractor of tlie 
software components; 

a certification platfonn located at a regulatory certification authority, the ceitification 
platfonn being substantially identical to the reference pLatformi and platform; 

code-signing means for enabling the manufactiuer or subcontractor to associate a 
sepaiate and imique PKI ceitificate with each authorized software component subject to 
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regulatory ceitification such tliat identical authorized software components subject to regulatory 
certification in different ones of the plurality of ganiing machines of the network connected 
gaming system aie code signed with identical PKI certificates, such that non-identical executable 
softwaie components in different ones of the pliu:ality of gaming machines aie code signed with 
separate' and different PKI ceitificates, and such that no two non-identical executable software 
components in different gaining macliines are code signed with a same PKI ccitlflcatoi 
certificate, and 

a secure commnnication link between the reference platform and the certification 
platform for enabling manufacturer or designated subcontractors to remotely configure 
the software building environment on the certification platform. 

83. (Canceled) 

84. (Previously Presented) An automated platfonn according to claim 82, wherein 

tlie authorized software components to be downloaded to the network connected gaming system 

are tested by tlie ceitification laboi'atory. 
» 

85. (Previously Presented) An automated platfonn according to claim 82, wherein 
tlie authorized software components to be downloaded to the network connected gaming system 
are compiled by the certification laboratory. 

86. (Previously Presented) An automated platform according to claim 82, fiu-tlier 
comprising a secure commiuiication link between the reference platform ajid tlie cei1ification_for 
enabling remote assistance. 



Page 11 of 21 



Serial No. 10/789,975 
Atty. Docket No. CYBS5858 



87. (Previously Presented) An automated platform according to claim 82, fnrtlier 
compiising a secure commimication link between the reference platfomi and tlie certification^for 
enabling users to carry out certification steps from a remotely located computer. 

88. (Original) An automated platfonn according to claim 82, wherein the code 
signing means comprises a certificate autliority imder contol of the manufacturer for generating 
certificates. 

89. (Original) An automated platfonn according to claim 82, wherein tlie code 
signing means comprises a certificate authority imder control of the regulatory certification 
authority for generating certificates. 

90. (Previously Presented) An automated platfomi according to claim 82, fiirtlier 
comprising means for maintaining the softwaie-building environment of the reference platfoim 
and tlie software-building environment of tlie certification platfonn synclnronized. 

91-97. (Canceled) 
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